IN THE CLAIMS : 

Please cancel claims/ 1-21, and add new claims 22-42 as follows: 

1.-21. (Canceled) 

22. (New) A method of providing access to a resource of a computer, comprising: 
receiving a request from a user to access the resource using a process; 

accessing data associated with the user stored in a memory in response to the received 
request, the data specifying one or more resources available to the process; 
and 

providing the process with access to the.resource if the accessed data specifies that the 
resource is available to the process. 

23. (New) The method of claim 22, wherein the data stored in the memory comprises 
a process resource access table for the process and associated with the user, the process resource 
access table specifying an access right of the process to the resource. 

24. (New) The method of claim 23, wherein the process resource access table 
includes a directory path, and wherein the process has access rights to a resource designated by 
the directory path. 

25. (New) The method of claim 24, wherein the process resource access table uses a 
meta symbol in the directory path, further comprising: 

substituting the meta symbol in the directory path with data defined responsive to the 
process and/or the user. 

26. (New) The method of claim 25, wherein the meta symbol represents an item of 
information selected from the set consisting of: an identification of a user of the process; a path 
wildcard; a directory wildcard; a character wildcard; and a portion of a name of the resource. 
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27. (New) The method of claim 22, wherein the resource of the computer comprises 
one or more resources from the set consisting of: a data file, an application file, a digital device, 
and access to functionality provided by a second process executing on the computer. 

28. (New) The method of claim 22, wherein the computer is utilized by a plurality of 
users, further comprising: 

determining an identity of the user; and 

identifying data stored in the memory specifying resources available to processes 
executed by the user having the determined identity. 

29. (New) A system for providing access to a resource of a computer, comprising: 
a memory for storing data specifying one or more resources available to a process 

executing on the computer; 
an interface module for receiving a request from a user of the computer to access the 

resource using a process; and 
a security module for providing the process with access to the resource if the stored 

data specifies that the resource is available to the process. 

30. (New) The system of claim 29, wherein the data stored in the memory comprises 
a process resource access table for the process and associated with the user, the process resource 
access table specifying an access right of the process to the resource. 

3 1 . (New) The system of claim 30, wherein the process resource access table includes 
a directory path, and wherein the process has access rights to a resource designated by the 
directory path. 

32. (New) The system of claim 31, wherein the process resource access table uses a 
meta symbol in the directory path, and wherein the security module is adapted to: 

substitute the meta symbol in the directory path with data defined responsive to the 
process and/or user. 
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33. (New) The system of claim 32, wherein the meta symbol represents an item of 
information selected from the set consisting of: an identification of the user; a path wildcard; a 
directory wildcard; a character wildcard; and a portion of a name of the resource. 

34. (New) The system of claim 29, wherein the resource of the computer comprises 
one or more resources from the set consisting of: a data file, an application file, a digital device, 
and access to functionality provided by a second process executing on the computer. 

35. (New) The system of claim 29, wherein the computer is utilized by a plurality of 
users and wherein the security module is adapted to: 

determine an identity of the user; and 

identify data stored in the memory specifying resources available to processes 
executed by the user having the determined identity. 

36. (New) A computer program product having a computer-readable medium having 
embodied thereon program code for providing access to a resource of a computer, the program 
code comprising: 

an interface module for receiving a request from a user to access the resource using a 
process; 

a security module for accessing data stored in a memory, the data specifying one or 

more resources available to the process; and 
wherein the security module provides the process with access to the resource if the 

stored data specifies that the resource is available to the process. 

37. (New) The computer program product of claim 36, wherein the data stored in the 
memory comprises a process resource access table for the process and associated with the user, 
the process resource access table specifying an access right of the process to the resource. 

38. (New) The computer program product of claim 37, wherein the process resource 
access table includes a directory path, and wherein the process has access rights to a resource 
designated by the directory path. 
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39. (New) The computer program product of claim 38, wherein the process resource 
access table represents the directory path using a meta symbol, and wherein the security module 
is adapted to: 

substitute the meta symbol in the directory path with data defined responsive to the 
process and/or the user. 

40. (New) The computer program product of claim 39, wherein the meta symbol 
represents an item of information selected from the set consisting of: an identification of the 
user; a path wildcard; a directory wildcard; a character wildcard; and a portion of a name of the 
resource. 

41. (New) The computer program product of claim 36, wherein the resource of the 
computer comprises one or more resources from the set consisting of: a data file, an application 
file, a digital device, and access to functionality provided by a second process executing on the 
computer. 

42. (New) The computer program product of claim 36, wherein the computer is 
utilized by a plurality of users and wherein the security module is adapted to: 

determine an identity of the user; and 

identify data stored in the memory specifying resources available to processes 
executed by the user having the determined identity. 
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